Latest draft of federal IPv6 profile released for comment

By William Jackson

Jan 24, 2008

The National Institute of Standards and Technology has released the latest draft of proposed standards for IPv6 networking and security products, a project intended to support the adoption of the next generation of Internet Protocols in government networks.

Among the changes in the second draft of Special Publication 500-267, titled 'A Profile for IPv6 in the U.S. Government ' Version 1.0' are initial plans for the test program that will ensure the compliance and interoperability of products built to this profile. NIST has scheduled a public meeting to discuss the IPv6 testing program on Feb. 19.

The profile is being developed in response to the Office of Management and Budget mandate that agencies enable their core networks to handle IPv6 traffic by the end of June. As part of this process, agencies must procure IPv6-ready products. This requires a working standard for the requirements products must meet.

NIST is developing a technical-standards profile for government acquisition of IPv6 hosts and routers, as well as a specification for network protection devices. The host-and-router profile includes a set of requests for comment published by the Internet Engineering Task Force encompassing basic IPv6 functionality, and specific requirements and key optional capabilities for routing, security, multicasting, mobility, network management and quality of service. The network protection device profile contains a set of capability requirements for IPv6-aware firewalls and intrusion detection systems.

The profile also addresses how such systems can interoperate and co-exist with the current IPv4 systems. Agencies with unique information technology requirements will use the NIST profile as a basis for further developing their own specifications and policies.

Changes in the second draft of the standards were the result of more than 500 comments on the first draft, as well as from feedback from a series of meetings with government and industry groups.

In addition to developing a technical profile for IPv6, NIST also is charged with creating a testing program to validate compliance with these standards. NIST will accredit independent laboratories that will do certification testing for products claiming compliance with the standards. The testing program is the subject of the Feb. 19 meeting.

'The detailed set of test methods and validation procedures are still under development,' NIST said in announcing the meeting. 'One purpose of this meeting is to discuss the general plans for the development and execution of the test program and to identify parties interested in collaborating in the further development of its details.'

The workshop will be held at 100 Bureau Drive on the NIST campus in Gaithersburg, MD 20899, Building 101, Lecture Room B. Additional information can be obtained via e-mail.

Because of space restrictions, there is a limit of 60 participants in this workshop and access cannot be guaranteed for unregistered participants. Precedence in registration will be given to the first two representatives of each accreditation body and testing laboratory, and organizations are asked to limit participation to one representative each.